Meet the Team: usd HeroLab

28. May 2021

The career opportunities in the IT security industry are diverse and the paths from study to later profession can be quite different. We therefore asked our colleagues about their activities, their career path and their passion for the profession.

Our excellently trained security analysts and pentesters work in the usd HeroLab, supported by our own development team for the toolchain and pentest service management. If anyone understands how attackers think and act, it is them. In the name of "more security", they identify vulnerabilities, name risks and recommend countermeasures. Whether pentests, security scans, code reviews or digital forensics - our colleagues are passionate about what they do.


Sebastian Düringer

Like many of his colleagues, Sebastian studied IT security at the Technical University of Darmstadt, which laid a good foundation for his career as a pentester. At usd HeroLab, he accompanies customers through the scanning process as the person responsible for security scans.

„At usd HeroLab, you learn a lot very quickly and you are given the opportunity to take on responsibility and contribute your own ideas at an early stage. In addition, the tasks remain varied because you have to constantly adapt to current developments in technical security analyses such as pentests or security scans and find new solutions accordingly. For me, that and my great team make my job.“



Lauritz Holtmann

During his studies at the Ruhr University in Bochum, Lauritz worked as a student trainee at usd HeroLab and was also very involved in IT security in his private life. At usd HeroLab, he is responsible for mobile security and responsible disclosure activities, among other things.

„At usd HeroLab, I have turned my hobby into my profession, so to speak. Through a combination of pentests and security scans, I examine, for example, apps that we all use every day for security vulnerabilities. In our Security Advisories, we warn about vulnerabilities in common software products. In this way, my team and I can help to better protect companies and private individuals against cybercriminals.“



Lisa Ruppert

After her apprenticeship as a bank clerk, Lisa decided to study Public Management at the University of Applied Sciences Darmstadt and worked as a student trainee at usd AG during that time. Since May, she has been working full-time at usd HeroLab and supports the Pentest Service Management (PSM).

„Over 50 security analysts and hundreds of analyses a month - organising that is quite an art. The preparation and follow-up have to be good, and above all the communication with the contacts on both sides has to be right. That's what I like about my job: coordinating complex projects and working closely with people.“



Andreas Hagemann

After studying business informatics at DHBW Mannheim, Andreas initially worked as an SAP consultant, but after a few years he noticed that he was becoming more and more interested in IT security topics privately. Today, he has focused on IT security and is a pentester at usd HeroLab. Here, through his experience in the SAP environment, he is responsible, among other things, for conducting SAP pentests.

„Someone once told me that as a pentester you need a certain „hunter's instinct" - I can only confirm that. We always put ourselves in the role of an attacker and play out a wide range of attack scenarios on our customers' IT environments. To protect our customers, it is always our goal to uncover vulnerabilities before someone can exploit them.“


Would you like to enter or switch to the IT security industry? Join our team!

If you want to learn even more about us and what we do, join us at our „Ask our IT Security Professionals" event on 17/06.

Also interesting:

Top 3 Vulnerabilites in System Pentests

Top 3 Vulnerabilites in System Pentests

During their penetration tests (pentests), our security analysts at usd HeroLab repeatedly uncover vulnerabilities that pose significant risks to corporate security. They increasingly encounter the same vulnerabilities. Our blog series "Top 3 Vulnerabilities" presents...

DORA Deep Dive: Reporting of ICT-Related Incidents

DORA Deep Dive: Reporting of ICT-Related Incidents

The Digital Operational Resilience Act (DORA) requires major ICT-related incidents to be reported to the German Federal Financial Supervisory Authority (BaFin) from January 2025. Why should you take a close look at this requirement now? Where in DORA is this...

Categories

Categories